Recent investigations have uncovered that a suspected Russian hacking group known as Water Gamayun, also recognized as EncryptHub or LARVA-208, is exploiting a zero-day vulnerability in Microsoft Windows. This exploitation targets organizations by deploying two new backdoor tools, SilentPrism and…
Cloudflare has publicly acknowledged a security incident involving its Salesforce environment, traced back to the breach of the Salesloft Drift integration. An advanced threat actor, known as GRUB1, exploited OAuth credentials associated with this integration to extract sensitive support case…
Meta recently introduced LlamaFirewall, a new open-source framework aimed at enhancing the security of artificial intelligence systems. This initiative addresses emerging cyber threats like prompt injection, jailbreaks, and various vulnerabilities that AI technologies face today. The framework is structured around…
Recent reports indicate that shipping companies and medical laboratories across Asia have become targets of a sophisticated espionage initiative attributed to a previously unidentified threat actor called Hydrochasma. This activity has been under investigation since October 2022, revealing a pattern…
Data Security Healthcare Providers Suffer Data Breaches Impacting Nearly 900,000 Patients Marianne Kolbasuk McGee (HealthInfoSec) • September 2, 2025 Healthcare suppliers are increasingly targeted by cybercriminals. (Image: Getty Images) Recent cyberattacks have resulted in significant breaches at several specialized healthcare…
Recent reports from cybersecurity researchers indicate a significant increase in login scanning attempts directed at Palo Alto Networks PAN-OS GlobalProtect gateways. An alarming total of nearly 24,000 unique IP addresses have been identified in this activity, raising concerns about the…
The UK’s Ministry of Defence (MoD) is facing scrutiny regarding its secret relocation plan set up in response to a major data leak involving Afghan individuals. The National Audit Office (NAO) has announced that the MoD is unable to accurately…
SonicWall Acknowledges Exploitation of Critical Vulnerabilities in SMA100 Series Devices SonicWall has confirmed that two significant vulnerabilities within its SMA100 Secure Mobile Access appliances have been actively exploited. These flaws, recently patched, pose serious risks to organizations utilizing these devices,…
Recent developments in the open-source software landscape indicate a significant threat, as over 15,000 spam packages have infiltrated the npm repository. These malicious packages aim to disseminate phishing links, posing a considerable risk to users and businesses alike. According to…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Exploitation of Microsoft Blocklist Gap: Silver Fox’s Undetected Operations Pooja Tikekar ( @PoojaTikekar) • September 2, 2025 Image: Jim Cumming/Shutterstock A cyber-espionage campaign attributed to a Chinese nation-state actor, identified as Silver…
